Security Advisory - June 09, 2015

Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following 25 vulnerabilities included in the June 2015 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections as necessary.

Description: Remote code execution vulnerabilities exist when Internet Explorer improperly accesses objects in memory. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Description: Remote code execution vulnerabilities exist in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.

Description: Multiple elevation of privilege vulnerabilities exist in the Windows kernel-mode driver when it accesses an object in memory that has either not been correctly initialized or deleted. The vulnerabilities may corrupt memory in such a way that an attacker could gain elevated privileges on a targeted system